Mercurial > 510Connectbot

comparison src/ch/ethz/ssh2/crypto/dh/DhExchange.java @ 307:071eccdff8ea ganymed

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
fix java formatting
author Carl Byington <carl@five-ten-sg.com>
date Wed, 30 Jul 2014 14:16:58 -0700
parents 91a31873c42a
children cb179051f0f2
comparison
equal deleted inserted replaced
305:d2b303406d63 307:071eccdff8ea
17 * @version $Id: DhExchange.java 152 2014-04-28 11:02:23Z dkocher@sudo.ch $ 17 * @version $Id: DhExchange.java 152 2014-04-28 11:02:23Z dkocher@sudo.ch $
18 */ 18 */
19 public class DhExchange { 19 public class DhExchange {
20 private static final Logger log = Logger.getLogger(DhExchange.class); 20 private static final Logger log = Logger.getLogger(DhExchange.class);
21 21
22 /* Given by the standard */ 22 /* Given by the standard */
23 23
24 static final BigInteger p1, p14; 24 static final BigInteger p1, p14;
25 static final BigInteger g; 25 static final BigInteger g;
26 26
27 BigInteger p; 27 BigInteger p;
28 28
29 /* Client public and private */ 29 /* Client public and private */
30 30
31 BigInteger e; 31 BigInteger e;
32 BigInteger x; 32 BigInteger x;
33 33
34 /* Server public and private */ 34 /* Server public and private */
35 35
36 BigInteger f; 36 BigInteger f;
37 BigInteger y; 37 BigInteger y;
38 38
39 /* Shared secret */ 39 /* Shared secret */
40 40
41 BigInteger k; 41 BigInteger k;
42 42
43 static { 43 static {
44 final String p1_string = "17976931348623159077083915679378745319786029604875" 44 final String p1_string = "17976931348623159077083915679378745319786029604875"
45 + "60117064444236841971802161585193689478337958649255415021805654859805036464" 45 + "60117064444236841971802161585193689478337958649255415021805654859805036464"
46 + "40548199239100050792877003355816639229553136239076508735759914822574862575" 46 + "40548199239100050792877003355816639229553136239076508735759914822574862575"
47 + "00742530207744771258955095793777842444242661733472762929938766870920560605" 47 + "00742530207744771258955095793777842444242661733472762929938766870920560605"
48 + "0270810842907692932019128194467627007"; 48 + "0270810842907692932019128194467627007";
49
50 final String p14_string = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129" 49 final String p14_string = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129"
51 + "024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0" 50 + "024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0"
52 + "A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB" 51 + "A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB"
53 + "6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A" 52 + "6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A"
54 + "163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208" 53 + "163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208"
55 + "552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36C" 54 + "552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36C"
56 + "E3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF69558171" 55 + "E3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF69558171"
57 + "83995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF"; 56 + "83995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF";
58
59 p1 = new BigInteger(p1_string); 57 p1 = new BigInteger(p1_string);
60 p14 = new BigInteger(p14_string, 16); 58 p14 = new BigInteger(p14_string, 16);
61 g = new BigInteger("2"); 59 g = new BigInteger("2");
62 } 60 }
63 61
65 } 63 }
66 64
67 public void clientInit(int group, SecureRandom rnd) { 65 public void clientInit(int group, SecureRandom rnd) {
68 k = null; 66 k = null;
69 67
70 if(group == 1) { 68 if (group == 1) {
71 p = p1; 69 p = p1;
72 } 70 }
73 else if(group == 14) { 71 else if (group == 14) {
74 p = p14; 72 p = p14;
75 } 73 }
76 else { 74 else {
77 throw new IllegalArgumentException("Unknown DH group " + group); 75 throw new IllegalArgumentException("Unknown DH group " + group);
78 } 76 }
79 77
80 while(true) { 78 while (true) {
81 x = new BigInteger(p.bitLength() - 1, rnd); 79 x = new BigInteger(p.bitLength() - 1, rnd);
82 if(x.compareTo(BigInteger.ONE) > 0) { 80
81 if (x.compareTo(BigInteger.ONE) > 0) {
83 break; 82 break;
84 } 83 }
85 } 84 }
86 85
87 e = g.modPow(x, p); 86 e = g.modPow(x, p);
88 } 87 }
89 88
90 public void serverInit(int group, SecureRandom rnd) { 89 public void serverInit(int group, SecureRandom rnd) {
91 k = null; 90 k = null;
92 91
93 if(group == 1) { 92 if (group == 1) {
94 p = p1; 93 p = p1;
95 } 94 }
96 else if(group == 14) { 95 else if (group == 14) {
97 p = p14; 96 p = p14;
98 } 97 }
99 else { 98 else {
100 throw new IllegalArgumentException("Unknown DH group " + group); 99 throw new IllegalArgumentException("Unknown DH group " + group);
101 } 100 }
102 101
103 y = new BigInteger(p.bitLength() - 1, rnd); 102 y = new BigInteger(p.bitLength() - 1, rnd);
104
105 f = g.modPow(y, p); 103 f = g.modPow(y, p);
106 } 104 }
107 105
108 /** 106 /**
109 * @return Returns the e. 107 * @return Returns the e.
110 * @throws IllegalStateException 108 * @throws IllegalStateException
111 */ 109 */
112 public BigInteger getE() { 110 public BigInteger getE() {
113 if(e == null) { 111 if (e == null) {
114 throw new IllegalStateException("DhDsaExchange not initialized!"); 112 throw new IllegalStateException("DhDsaExchange not initialized!");
115 } 113 }
116 114
117 return e; 115 return e;
118 } 116 }
120 /** 118 /**
121 * @return Returns the f. 119 * @return Returns the f.
122 * @throws IllegalStateException 120 * @throws IllegalStateException
123 */ 121 */
124 public BigInteger getF() { 122 public BigInteger getF() {
125 if(f == null) { 123 if (f == null) {
126 throw new IllegalStateException("DhDsaExchange not initialized!"); 124 throw new IllegalStateException("DhDsaExchange not initialized!");
127 } 125 }
128 126
129 return f; 127 return f;
130 } 128 }
132 /** 130 /**
133 * @return Returns the shared secret k. 131 * @return Returns the shared secret k.
134 * @throws IllegalStateException 132 * @throws IllegalStateException
135 */ 133 */
136 public BigInteger getK() { 134 public BigInteger getK() {
137 if(k == null) { 135 if (k == null) {
138 throw new IllegalStateException("Shared secret not yet known, need f first!"); 136 throw new IllegalStateException("Shared secret not yet known, need f first!");
139 } 137 }
140 138
141 return k; 139 return k;
142 } 140 }
143 141
144 /** 142 /**
145 * @param f 143 * @param f
146 */ 144 */
147 public void setF(BigInteger f) { 145 public void setF(BigInteger f) {
148 if(e == null) { 146 if (e == null) {
149 throw new IllegalStateException("DhDsaExchange not initialized!"); 147 throw new IllegalStateException("DhDsaExchange not initialized!");
150 } 148 }
151 149
152 if(BigInteger.ZERO.compareTo(f) >= 0 || p.compareTo(f) <= 0) { 150 if (BigInteger.ZERO.compareTo(f) >= 0 || p.compareTo(f) <= 0) {
153 throw new IllegalArgumentException("Invalid f specified!"); 151 throw new IllegalArgumentException("Invalid f specified!");
154 } 152 }
155 153
156 this.f = f; 154 this.f = f;
157 this.k = f.modPow(x, p); 155 this.k = f.modPow(x, p);
159 157
160 /** 158 /**
161 * @param e 159 * @param e
162 */ 160 */
163 public void setE(BigInteger e) { 161 public void setE(BigInteger e) {
164 if(f == null) { 162 if (f == null) {
165 throw new IllegalStateException("DhDsaExchange not initialized!"); 163 throw new IllegalStateException("DhDsaExchange not initialized!");
166 } 164 }
167 165
168 if(BigInteger.ZERO.compareTo(e) >= 0 || p.compareTo(e) <= 0) { 166 if (BigInteger.ZERO.compareTo(e) >= 0 || p.compareTo(e) <= 0) {
169 throw new IllegalArgumentException("Invalid e specified!"); 167 throw new IllegalArgumentException("Invalid e specified!");
170 } 168 }
171 169
172 this.e = e; 170 this.e = e;
173 this.k = e.modPow(y, p); 171 this.k = e.modPow(y, p);
175 173
176 public byte[] calculateH(byte[] clientversion, byte[] serverversion, byte[] clientKexPayload, 174 public byte[] calculateH(byte[] clientversion, byte[] serverversion, byte[] clientKexPayload,
177 byte[] serverKexPayload, byte[] hostKey) throws IOException { 175 byte[] serverKexPayload, byte[] hostKey) throws IOException {
178 HashForSSH2Types hash = new HashForSSH2Types("SHA1"); 176 HashForSSH2Types hash = new HashForSSH2Types("SHA1");
179 177
180 if(log.isInfoEnabled()) { 178 if (log.isInfoEnabled()) {
181 log.info("Client: '" + StringEncoder.GetString(clientversion) + "'"); 179 log.info("Client: '" + StringEncoder.GetString(clientversion) + "'");
182 log.info("Server: '" + StringEncoder.GetString(serverversion) + "'"); 180 log.info("Server: '" + StringEncoder.GetString(serverversion) + "'");
183 } 181 }
184 182
185 hash.updateByteString(clientversion); 183 hash.updateByteString(clientversion);
188 hash.updateByteString(serverKexPayload); 186 hash.updateByteString(serverKexPayload);
189 hash.updateByteString(hostKey); 187 hash.updateByteString(hostKey);
190 hash.updateBigInt(e); 188 hash.updateBigInt(e);
191 hash.updateBigInt(f); 189 hash.updateBigInt(f);
192 hash.updateBigInt(k); 190 hash.updateBigInt(k);
193
194 return hash.getDigest(); 191 return hash.getDigest();
195 } 192 }
196 } 193 }